1
22
23 package com.liferay.portal.servlet.taglib.security;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.HttpUtil;
28 import com.liferay.portal.kernel.util.Validator;
29 import com.liferay.portal.model.Company;
30 import com.liferay.portal.util.PortalUtil;
31 import com.liferay.util.Encryptor;
32 import com.liferay.util.EncryptorException;
33
34 import java.security.Key;
35
36 import java.util.Set;
37 import java.util.StringTokenizer;
38
39 import javax.servlet.http.HttpServletRequest;
40 import javax.servlet.jsp.JspException;
41 import javax.servlet.jsp.PageContext;
42
43
48 public class EncryptTagUtil {
49
50 public static void doStartTag(
51 String className, String style, String protocol,
52 Set<String> unencryptedParamsSet, String url, String target,
53 PageContext pageContext)
54 throws JspException {
55
56 try {
57 StringBuilder sb = new StringBuilder();
58
59
61 sb.append("<a ");
62
63
65 if (Validator.isNotNull(className)) {
66 sb.append("class=\"");
67 sb.append(className);
68 sb.append("\" ");
69 }
70
71
73 sb.append("href=\"").append(protocol).append("://");
74
75 int pos = url.indexOf("?");
76
77 if (pos == -1) {
78 sb.append(url);
79 }
80 else {
81 sb.append(url.substring(0, pos)).append("?");
82
83 Company company = PortalUtil.getCompany(
84 (HttpServletRequest)pageContext.getRequest());
85
86 Key key = company.getKeyObj();
87
88 StringTokenizer st = new StringTokenizer(
89 url.substring(pos + 1, url.length()), "&");
90
91 while (st.hasMoreTokens()) {
92 String paramAndValue = st.nextToken();
93
94 int x = paramAndValue.indexOf("=");
95
96 String param = paramAndValue.substring(0, x);
97 String value = paramAndValue.substring(
98 x + 1, paramAndValue.length());
99
100 sb.append(param).append("=");
101
102 if (unencryptedParamsSet.contains(param)) {
103 sb.append(HttpUtil.encodeURL(value));
104 }
105 else {
106 try {
107 sb.append(HttpUtil.encodeURL(
108 Encryptor.encrypt(key, value)));
109 }
110 catch (EncryptorException ee) {
111 _log.error(ee.getMessage());
112 }
113
114 if (st.hasMoreTokens()) {
115 sb.append("&");
116 }
117 }
118 }
119
120 sb.append("&shuo=1");
121 }
122
123 sb.append("\" ");
124
125
127 if (Validator.isNotNull(style)) {
128 sb.append("style=\"");
129 sb.append(style);
130 sb.append("\" ");
131 }
132
133
135 if (Validator.isNotNull(target)) {
136 sb.append("target=\"" + target + "\"");
137 }
138
139
141 sb.append(">");
142
143 pageContext.getOut().print(sb.toString());
144 }
145 catch (Exception e) {
146 throw new JspException(e);
147 }
148 }
149
150 public static void doEndTag(PageContext pageContext) throws JspException {
151 try {
152 pageContext.getOut().print("</a>");
153 }
154 catch (Exception e) {
155 throw new JspException(e);
156 }
157 }
158
159 private static Log _log = LogFactoryUtil.getLog(EncryptTagUtil.class);
160
161 }